Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-24 08:16:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Introduce polarssl_zeroize() instead of memset() for zeroization

Browse source
This commit is contained in:
Paul Bakker 2014-06-13 17:20:13 +02:00
parent bbcb1ce703
commit 3461772559
36 changed files with 325 additions and 129 deletions
Download patch file Download diff file Expand all files Collapse all files

7
library/aes.c
View file

@ -53,6 +53,11 @@
#if !defined(POLARSSL_AES_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* 32-bit integer manipulation macros (little endian)
*/
@ -633,7 +638,7 @@ int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
done:
#endif
memset( &cty, 0, sizeof( aes_context ) );
polarssl_zeroize( &cty, sizeof( aes_context ) );
return( 0 );
}